<?php
$simple=1;
include("../contents.php");
include("../security.php");
include("../settings.php");
include("../database.php");
if (!empty($_POST["username"]) && !empty($_POST["password"])) {
	$user=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."users WHERE username='". $_POST["username"] ."' and passwort='". $_POST["password"] ."'");
	if (mysql_num_rows($user)==1) {
		$userrow=mysql_fetch_object($user);
		if (getright("login", $userrow->id)) {
			session_start();
			$_SESSION["userid"]=$userrow->id;
			header("Location:admin.php");
			exit();
		} else {
			$error="Der Login ist fehlgeschlagen.";
		}
	} else {
		$error="Der Login ist fehlgeschlagen.";
	}
}
echo "<"."?xml version=\"1.0\"?".">";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de">
  <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    <title>Administration</title>
    <link media="screen" rel="stylesheet" href="css/style.css" type="text/css" />
  </head>

  <body id="login">
    <div id="border">
    	<div style="background-color: #ffffff; height:104px;"><img src="images/cmslogo.jpg" style="width: 129px; height: 85px; float: left; position:relative; left: 30px; padding-bottom: 20px; margin-top: 18px;" alt="CMS.net" title="CMS.net" /><div style="float:right; padding-right: 20px; padding-top: 50px; background-color:#ffffff;"><a href="http://www.xtrasite.de/">www.xtrasite.de</a></div><br style="clear:both;" /></div>
    	<div style="background-color: #E4F68D; height: 17px; border-top: 1px solid #3C7635; border-bottom: 1px solid #3C7635;"></div>
    	<div id="logininformation">
    		<h3 id="textueberschrift">LOG INTO CMS</h3>
    		<p id="textweiss">Willkommen im Content Management System Xtrasite. Nutzen sie unser <a href="http://www.xtrasite.de/bugzilla/" target="_blank">Bugzilla-System</a>, um Fehler zu melden.</p>
    		<?php
    		if (!empty($error)) {
    			?>
    			<p><?php echo $error; ?></p>
    			<?php
    		}
    		?>
    	</div>
    	<div id="loginfields">
    		<form method="post" action="<?php echo $_SERVER["PHP_SELF"]; ?>">
    		<div style="float:left;width:130px; padding-bottom: 30px; padding-top: 10px;">
    			Benutzername<br />
    			<input type="text" name="username" style="border:1px solid #8B8D94"/>
    		</div>
    		<div style="float:left;width:130px; padding-bottom: 30px; padding-top: 10px;">
    			Kennwort<br />
    			<input type="password" name="password" style="border:1px solid #8B8D94"/>
    		</div>
    		<div style="float:left;width:100px; padding-bottom: 30px; padding-top: 10px;">
    			<br />
    			<input type="submit" value="Login" style="border:1px solid #8B8D94"/>
    		</div>
    		</form>
    		<br style="clear:both;"/>
    	</div>
    	<div id="impressum">&copy; 2005 mthie</div>
    </div>
  </body>
</html>